<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
  <%@ page import="java.sql.*" %>
<%@  include file="connstring.jsp" %>
<%
request.setCharacterEncoding("UTF-8");   //request设置编码
String strYhm = request.getParameter("yhm");
String strMm =request.getParameter("mm");
if(strYhm==null) strYhm="";
if(strMm==null) strMm="";
strYhm=strYhm.replace(" ","");
strYhm=strYhm.replace("=","");
strYhm=strYhm.replace("'","");
strMm=strMm.replace(" ","");
strMm=strMm.replace("=","");
strMm=strMm.replace("'","");

if(strYhm.trim().equals("")||strMm.trim().equals("")){
	%>
	<script type="text/javascript">
	alert("用户名、密码必须输入！\n请重试。");
	history.go(-1);
	</script>
<%
}
else{
	Connection conn=null;
	Statement stmt=null;
	ResultSet rs=null;
	try{
		Class.forName(driver);
		conn= DriverManager.getConnection(url);	
		 stmt=conn.createStatement();
		 String sql="select * from three_login where username='"+strYhm+"' and password='"+strMm+"';";
		 rs=stmt.executeQuery(sql);
	    if(rs.next()){
	    session.setAttribute("username", strYhm);
	    response.sendRedirect("index.jsp");
	    }
	    else{
	    	%>
	    	<script type="text/javascript">
	    	alert("用户名、密码必须输入！\n请重试。");
	    	history.go(-1);
	    	</script>
	    <%
	    }
	}
	catch(Exception ex){
		out.print("错误："+ex.getMessage());
	}
	finally{
		if(rs!=null)  rs.close();
		if(conn!=null)  conn.close();
		if(stmt!=null)  stmt.close();
		
	}     
	
	
}
%>